CVE-2002-0693

critical

Description

Buffer overflow in the HTML Help ActiveX Control (hhctrl.ocx) in Microsoft Windows 98, 98 Second Edition, Millennium Edition, NT 4.0, NT 4.0 Terminal Server Edition, Windows 2000, and Windows XP allows remote attackers to execute code via (1) a long parameter to the Alink function, or (2) script containing a long argument to the showHelp function.

References

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A374

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-055

http://www.securityfocus.com/bid/5874

http://www.iss.net/security_center/static/10253.php

http://marc.info/?l=bugtraq&m=103435279404182&w=2

http://marc.info/?l=bugtraq&m=103419115517344&w=2

http://marc.info/?l=bugtraq&m=103365849505409&w=2

Details

Source: Mitre, NVD

Published: 2002-10-10

Updated: 2019-04-30

Risk Information

CVSS v2

Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Severity: High

CVSS v3

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: Critical